https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r765: Say hello to the GPL
[bugdar.git] / admin / user.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once('./global.php');
23
24 if (!can_perform('canadminusers'))
25 {
26 admin_login();
27 }
28
29 // ###################################################################
30
31 if (empty($_REQUEST['do']))
32 {
33 $_REQUEST['do'] = 'modify';
34 }
35
36 // ###################################################################
37
38 if ($_REQUEST['do'] == 'kill')
39 {
40 $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid']));
41 if (!$user)
42 {
43 $admin->error($lang->getlex('error_invalid_id'));
44 }
45
46 if ($user['userid'] == $bugsys->userinfo['userid'])
47 {
48 $admin->error($lang->string('You cannot delete your own account!'));
49 }
50
51 if ($user['usergroupid'] == 6)
52 {
53 $count = $db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> $user[userid]");
54 if ($count['count'] < 1)
55 {
56 $admin->error($lang->string('At least one other administrator needs to be present before you can delete this user'));
57 }
58 }
59
60 $db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = $user[userid]");
61 $db->query("DELETE FROM " . TABLE_PREFIX . "favourite WHERE userid = $user[userid]");
62 $db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = $user[userid]");
63
64 $admin->redirect('user.php');
65 }
66
67 // ###################################################################
68
69 if ($_REQUEST['do'] == 'delete')
70 {
71 $admin->page_confirm($lang->string('Are you sure you want to delete this user?'), 'user.php?do=kill&amp;userid=' . intval($bugsys->in['userid']));
72 }
73
74 // ###################################################################
75
76 if ($_POST['do'] == 'insert')
77 {
78 $salt = $funct->rand(15);
79
80 $db->query("
81 INSERT INTO " . TABLE_PREFIX . "user
82 (email, displayname, password, salt, authkey, showemail, showcolours, languageid, usergroupid, timezone)
83 VALUES
84 ('" . $bugsys->in['email'] . "',
85 '" . $bugsys->in['displayname'] . "',
86 '" . md5(md5($bugsys->in['password']) . md5($salt)) . "',
87 '$salt',
88 '" . $funct->rand() . "',
89 " . intval($bugsys->in['showemail']) . ",
90 " . intval($bugsys->in['showcolours']) . ",
91 " . intval($bugsys->in['languageid']) . ",
92 " . intval($bugsys->in['usergroupid']) . ",
93 " . intval($bugsys->in['timezone']) . "
94 )"
95 );
96
97 build_assignedto();
98
99 $admin->redirect('user.php?do=edit&userid=' . $db->insert_id());
100 }
101
102 // ###################################################################
103
104 if ($_POST['do'] == 'update')
105 {
106 $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid']));
107 if (!$user)
108 {
109 $admin->error($lang->getlex('error_invalid_id'));
110 }
111
112 $db->query("
113 UPDATE " . TABLE_PREFIX . "user
114 SET displayname = '" . $bugsys->in['displayname'] . "',
115 email = '" . $bugsys->in['email'] . "',
116 showcolours = " . intval($bugsys->in['showcolours']) . ",
117 usergroupid = " . intval($bugsys->in['usergroupid']) . ",
118 languageid = " . intval($bugsys->in['languageid']) . ",
119 timezone = " . intval($bugsys->in['timezone']) . ($bugsys->in['password'] ? ",
120 password = '" . md5(md5($bugsys->in['password']) . md5($user['salt'])) . "'" : '') . "
121 WHERE userid = $user[userid]"
122 );
123
124 build_assignedto();
125
126 $admin->redirect('user.php?do=edit&userid=' . $user['userid']);
127 }
128
129 // ###################################################################
130
131 if ($_REQUEST['do'] == 'edit' OR $_REQUEST['do'] == 'add')
132 {
133 $add = ($_REQUEST['do'] == 'add');
134 $edit = (!$add);
135
136 if ($edit)
137 {
138 $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid']));
139 if (!$user)
140 {
141 $admin->error($lang->getlex('error_invalid_id'));
142 }
143 }
144
145 $admin->page_start(($add ? $lang->string('Add User') : $lang->string('Edit User')), 2, 'user_manage');
146
147 $admin->form_start('user.php', ($add ? 'insert' : 'update'));
148
149 if ($edit)
150 {
151 $admin->form_hidden_field('userid', $user['userid']);
152 }
153
154 $admin->table_start();
155
156 $admin->table_head(($add ? $lang->string('Add User') : sprintf($lang->string('Edit User (userid: %1$s)'), $user['userid'])));
157
158 $admin->row_input($lang->string('Display Name'), 'displayname', $user['displayname']);
159 $admin->row_input($lang->string('Email'), 'email', $user['email']);
160 $admin->row_input(($add ? $lang->string('Password') : $lang->string('Password (Leave blank for no change)')), 'password');
161
162 foreach ($bugsys->datastore['usergroup'] AS $group)
163 {
164 $admin->list_item($group['title'], $group['usergroupid'], ($user['usergroupid'] == $group['usergroupid']));
165 }
166 $admin->row_list($lang->string('Usergroup'), 'usergroupid');
167
168 $admin->row_yesno($lang->string('Show Email Publicly'), 'showemail', $user['showemail']);
169 $admin->row_yesno($lang->string('Show Status Colours on Bug Listings'), 'showcolours', $user['showcolours']);
170
171 foreach ($bugsys->datastore['language'] AS $language)
172 {
173 $admin->list_item($language['title'], $language['languageid'], ($user['languageid'] == $language['languageid']));
174 }
175 $admin->row_list($lang->string('Language'), 'languageid');
176
177 foreach ($datef->fetch_timezone_list() AS $value => $string)
178 {
179 $admin->list_item($string, $value, ($user['timezone'] == $value));
180 }
181 $admin->row_list($lang->string('Timezone'), 'timezone');
182
183 $admin->row_submit(($edit ? '<a href="user.php?do=delete&amp;userid=' . $user['userid'] . '">[' . $lang->string('Delete') . ']</a>' : ''), ':save:', ':reset:', 4);
184
185 $admin->table_end();
186 $admin->form_end();
187
188 $admin->page_end();
189 }
190
191 // ###################################################################
192
193 if ($_REQUEST['do'] == 'search')
194 {
195 $fail = false;
196
197 if (is_numeric($bugsys->in['userdata']))
198 {
199 if ($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userdata'])))
200 {
201 header('Location: user.php?do=edit&userid=' . intval($bugsys->in['userdata']));
202 }
203 else
204 {
205 $fail = true;
206 }
207 }
208 else
209 {
210 $bugsys->in['userdata'] = str_replace('%', '\%', $bugsys->in['userdata']);
211 $results = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . $bugsys->in['userdata'] . "%' OR displayname LIKE '%" . $bugsys->in['userdata'] . "%'");
212
213 if ($db->num_rows($results) < 1)
214 {
215 $fail = true;
216 }
217 else
218 {
219 $admin->page_start($lang->string('Search Results'));
220
221 $admin->table_start();
222 $admin->table_head($lang->string('Search Results'), 4);
223 $admin->table_column_head(array($lang->string('Display Name'), $lang->string('Email'), $lang->string('User ID'), $lang->string('Actions')));
224
225 while ($row = $db->fetch_array($results))
226 {
227 $admin->row_multi_item(array(
228 $row['displayname'] => 'l',
229 $row['email'] => 'c',
230 $row['userid'] => 'c',
231 '<a href="user.php?do=edit&amp;userid=' . $row['userid'] . '">[' . $lang->string('Edit') . ']</a>' => 'c'
232 ));
233 }
234
235 $admin->table_end();
236
237 $admin->page_end();
238 }
239 }
240
241 if ($fail)
242 {
243 $admin->error($lang->string('Sorry, we could not find any users that matched your criteria.'));
244 }
245 }
246
247 // ###################################################################
248
249 if ($_REQUEST['do'] == 'modify')
250 {
251 $admin->page_start($lang->string('User Search'));
252
253 $admin->form_start('user.php', 'search');
254 $admin->table_start(true, '45%');
255
256 $admin->table_head($lang->string('User Search'), 2, 'user_manage');
257 $admin->row_input($lang->string('Name/Email/ID'), 'userdata');
258
259 $admin->row_submit('', ':save:', '');
260
261 $admin->table_end();
262 $admin->form_end();
263
264 $admin->page_end();
265 }
266
267 /*=====================================================================*\
268 || ###################################################################
269 || # $HeadURL$
270 || # $Id$
271 || ###################################################################
272 \*=====================================================================*/
273 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.